Software Engineer, Application Security

Salary

$185k - $280k

Min Experience

5 years

Location

Palo Alto, CA

Job Type

full-time

About the role

Glean is looking for an experienced Application Security Engineer with a primary focus on ensuring that our entire technology stack is free of software vulnerabilities (CVEs). This role is responsible for securing our base OS images, ensuring all open-source software (OSS) dependencies are scanned and patched, and integrating cutting-edge security tools into our CI/CD pipeline. The ideal candidate will drive the adoption of solutions like Google's Assured Open Source Software (OSS) and explore alternative approaches to enhance software security. This role will lead the vulnerability management charter at Glean, identifying, evaluating, and implementing new security technologies and processes to proactively protect our infrastructure.

What You Will Do and Achieve

- Own and lead the vulnerability management lifecycle, ensuring our entire tech stack is free from known CVEs.
- Implement and manage secure base OS images, ensuring all underlying systems remain hardened against security threats.
- Continuously scan, monitor, and patch OSS dependencies to mitigate supply chain risks and enforce best practices for dependency management.
- Research and evaluate trusted open-source security solutions like Google's Assured Open Source Software and recommend their adoption where applicable.
- Work closely with engineering teams to integrate state-of-the-art SAST, DAST, and dependency scanning tools into the CI/CD pipeline to detect and remediate vulnerabilities early.
- Define and maintain best practices for secure coding to ensure all code developed by Glean engineers is free from vulnerabilities.
- Develop automated security validation tests to enforce vulnerability-free deployments across the stack.
- Lead the adoption and, if necessary, develop custom security solutions to manage and mitigate security risks at scale.
- Provide security guidance, training, and mentorship to engineering teams to foster a security-first culture at Glean.

About the company

At Glean, we're on a mission to bring people the knowledge they need to make a difference in the world. Our journey began with a team of seasoned engineers from Google and Meta who recognized a fundamental gap—why do we have powerful search tools in our personal lives but struggle to find what we need at work? That's what inspired the creation of Glean. Glean unifies search across all of a company's apps, helping users find exactly what they need and discover what they should know. Our diverse team of curious and creative individuals is passionate about building technology that empowers organizations to get big things done. We're backed by top-tier venture capital firms—including Sequoia, Kleiner Perkins, Lightspeed, and General Catalyst—and have assembled a world-class team with senior leadership experience from Google, Slack, Facebook, Dropbox, Rubrik, Uber, Intercom, Pinterest, Palantir, and more.

Skills

go
python
java
c++
sast
dast
dependency scanning
vulnerability management